Ars@PDC: Windows 7’s streamlined UAC

When it was introduced, Vista's UAC feature was met with some skepticism and …

One feature of Vista that came under more criticism than most was User Account Control. The feature, designed to make Windows more secure by both limiting the rights of Administrators and making it easier for regular Users to gain Administrator rights only when necessary, was deemed to be annoying and intrusive. As a result, some 10-15% of Vista users turn it off.

Vista SP1 smoothed a few of the more annoying UAC wrinkles, but retained the same fundamental mechanics. The two main problems with UAC:the screen going black momentarily whenever a confirmation prompt was displayed, and the need to reaffirm explicit user actions.

With Windows 7, Microsoft has tried to tone down UAC to make it less invasive while still affording the same protection. Windows 7 contains a slider with four different UAC settings:

UAC settings slider. Click for full size

By default (at least in the build given out at PDC), Windows 7 will show Administrator users many fewer prompts than Vista. No user-initiated action requiring elevation (i.e., changing a setting in Control Panel, creating a folder in a restricted location) will result in a UAC prompt. Instead, the elevation occurs automatically, allowing the action to succeed.

However, if a program attempts to perform such an action, UAC steps in and displays a prompt. This provides a pretty good balance between annoyance and protection. Furthermore, the UAC prompts no longer black the screen out. Instead, they just appear as regular dialog boxes.

UAC confirmation dialog

If logged on as a regular (non-Administrator) user, there are, of course, more prompts; non-Administrators can't silently elevate. Again, though, the UAC dialogs are shown on the desktop, without the screen flash.

UAC password dialog

The other slider positions are: no confirmations ever (Administrators automatically elevate, even for program-invoked actions), no automatic elevations (so even user actions require a prompt, just as with Vista SP1), and no automatic elevations-with-screen-blacking (that is, full Vista behavior).

Though this change will obviously appeal to many people, and it certainly makes the initial OS setup and configuration much more streamlined, I do somewhat miss the screen blanking of Vista. The UAC prompts are now barely different from any regular dialogs, making it very easy to just click the button without giving the question any consideration. I think that removing prompts for user-initiated actions is probably a sensible policy, but I personally would like a way to reinstate the screen blanking for program-initiated actions. UAC was designed to annoy, and I'm still sympathetic to that goal. To my mind, Windows 7's UAC is a little too un-annoying.